Debian Bug report logs - #1027146 vim: CVE-2022-4141
Reported by: Moritz Mühlenhoff <jmm@inutil.org>
Date: Wed, 28 Dec 2022 16:42:02 UTC
Severity: important
Tags: security, upstream
Found in version vim/2:9.0.0813-1
Fixed in version vim/2:9.0.1000-1
Done: James McCoy <jamessan@debian.org>
Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, Debian Vim Maintainers <team+vim@tracker.debian.org>: Bug#1027146; Package src:vim. (Wed, 28 Dec 2022 16:42:04 GMT)
Acknowledgement sent to Moritz Mühlenhoff <jmm@inutil.org>: New Bug report received and forwarded. Copy sent to team@security.debian.org, Debian Vim Maintainers <team+vim@tracker.debian.org>. (Wed, 28 Dec 2022 16:42:04 GMT)
Message #5 received at submit@bugs.debian.org:
Source: vim
X-Debbugs-CC: team@security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerability was published for vim.
CVE-2022-4141[0]:
| Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing
| an attacker to CTRL-W gf in the expression used in the RHS of the
| substitute command.
https://huntr.dev/bounties/20ece512-c600-45ac-8a84-d0931e05541f
https://github.com/vim/vim/commit/cc762a48d42b579fb7bdec2c614636b830342dd5 (v9.0.0947)
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2022-4141
https://www.cve.org/CVERecord?id=CVE-2022-4141
Please adjust the affected versions in the BTS as needed.
Reply sent to James McCoy <jamessan@debian.org>: You have taken responsibility. (Wed, 28 Dec 2022 17:42:06 GMT)
Notification sent to Moritz Mühlenhoff <jmm@inutil.org>: Bug acknowledged by developer. (Wed, 28 Dec 2022 17:42:06 GMT)
Message #10 received at 1027146-close@bugs.debian.org:
Source: vim
Source-Version: 2:9.0.1000-1
Done: James McCoy <jamessan@debian.org>
We believe that the bug you reported is fixed in the latest version of
vim, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1027146@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
James McCoy <jamessan@debian.org> (supplier of updated vim package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
Format: 1.8
Date: Wed, 28 Dec 2022 11:51:10 -0500
Source: vim
Architecture: source
Version: 2:9.0.1000-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Vim Maintainers <team+vim@tracker.debian.org>
Changed-By: James McCoy <jamessan@debian.org>
Closes: 1027146
Changes:
vim (2:9.0.1000-1) unstable; urgency=medium

  * Merge upstream patch v9.0.1000
    + Security fixes
      - 9.0.0882: using freed memory after SpellFileMissing autocmd uses
        bwipe, CVE-2022-4292
      - 9.0.0947: invalid memory access in substitute with function that goes
        to another file (Closes: #1027146, CVE-2022-4141)
  * Backport v9.0.1087 to fix test_autocmd flakiness
Added tag(s) upstream. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 28 Dec 2022 19:45:04 GMT)
Marked as found in versions vim/2:9.0.0813-1. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 28 Dec 2022 19:45:05 GMT)
Last modified: Thu Dec 29 16:36:48 2022